Filecoin is unique not only because it is the only incentive layer of the IPFS network and has received up to $257 million in financing, but also because of its consensus mechanism. Digital currencies such as Bitcoin use a proof-of-work consensus mechanism that requires miners to compete with each other and verify payment information between two people exchanging Bitcoins by solving computationally intensive mathematical problems. Filecoin, by contrast, has created a new proof structure that determines the probability of a miner mining a block in the form of proven storage, so Filecoin reaches consensus through operations that generate positive social externalities. Today, let's talk about Filecoin's proof system.

PoRep (Proof of Replication)

PoRep (Proof of Replication) is a proof system that miners can use to prove to the network, in a publicly verifiable manner, that they have unique resources dedicated to storing one or more copies of a data file. In other words, in Proof of Replication, storage miners prove that they are storing a physically unique copy, or multiple copies, of the data. Proof of Replication only happens once, when a miner first stores the data.

Populating sectors and generating CommD

When storage miners receive client data, they put it into a sector. A sector is the basic unit of storage in Filecoin and can contain pieces from multiple transactions and client data. When a sector is filled, a CommD (Commit Data, also called UnsealedSectorCID) is generated, representing the root node of all CIDs in the sector.

Sealing sectors and producing CommR

Next, a process called sealing occurs. During sealing, the sector data (identified by CommD) is encoded through a series of graphs and hashes to create a unique copy. The root hash of the Merkle tree of the resulting copy is CommRLast. CommRLast is then hashed together with CommC (another Merkle root output from the Proof of Replication).
This generates CommR (Commitment of Replication, also known as SealedSectorCID), which is recorded to the public blockchain. CommRLast is kept privately by miners for future use in Proof of Spacetime, but is not saved to the chain.

The encoding process is designed to be slow and computationally heavy, so it is difficult to cheat. (Note that encoding is not the same as encryption. If you want to store private data, you must encrypt it before adding it to the Filecoin network.)

CommR provides the proof we need that a miner is storing a physically unique copy of a customer’s data. If the same data is stored with multiple storage miners, or if multiple storage transactions are made for the same data using a single miner, each transaction will have a different CommR.

The sealing process also compresses the proof of replication using zk-SNARKs to keep the chain small, so that all members of the Filecoin network can store the chain for verification.

PoSt (Proof of Spacetime)

Whereas Proof of Replication is run once to prove that a miner stored a physically unique copy of the data when they sealed that sector, PoSt (Proof of Spacetime) is run repeatedly to prove that they continue to dedicate storage space to that copy of the data over time.

PoSt is built on several elements created during Proof of Replication: a replica, a privately held CommRLast, and a publicly known CommR.

First, PoSt randomly selects some leaf nodes of the encoded replica and runs a Merkle inclusion proof on them to prove that the miner owns the specific bytes that should be in them. The miner then uses the privately stored CommRLast to prove (without revealing its value) that they know the root of that copy, which both agrees with the inclusion proof and can be used to derive the publicly known CommR. The final stage of PoSt compresses these proofs into a single zk-SNARK.

When miners agree to store data for clients, they need to pledge collateral.
If they fail to pass the proof of spacetime at any time during the contract, they will be penalized. This is a key part of the incentive structure that encourages good behavior among all participants in the Filecoin network.

zk-SNARKs (Zero-Knowledge Proofs)

It is worth noting that both the Proof of Replication and the Proof of Spacetime processes in Filecoin are compressed using zk-SNARKs.

We should all be familiar with zk-SNARKs, which are zero-knowledge proofs; we can also think of them as hashes of computations. They allow us to prove that a proof was completed correctly without revealing details of the proof itself or the underlying data it is based on.

The process of creating Filecoin's zk-SNARKs is computationally expensive and slow, but the final value is small and the verification process is very fast. Compared to the original proof, zk-SNARKs are small and can be stored efficiently on the blockchain. For example, a proof that takes up hundreds of kilobytes on the Filecoin chain can be compressed to only 192 bytes using a zk-SNARK.

As mentioned earlier, everyone who runs a Filecoin node maintains the latest version of the chain for verification. With the help of zk-SNARKs, each proof is kept small, which minimizes the storage requirements of each node in the Filecoin network, as well as the time required to verify transactions.
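
The commitment chain from the PoRep and PoSt sections above (replica leaves, CommRLast, CommC, CommR, challenged Merkle inclusion proofs) can be sketched as follows. This is an added example, not Filecoin's own code: SHA-256, the domain-separation prefixes, the challenge derivation and the 8-leaf replica are assumptions made for the sketch, and the zk-SNARK step is left out, so the check runs in the clear on the statement the SNARK would attest to.

```python
import hashlib

def h(*parts):
    # SHA-256 is a stand-in chosen for this sketch
    return hashlib.sha256(b"".join(parts)).digest()

def merkle_levels(leaves):
    # All levels of the tree, leaf hashes first, root last (leaf count is a power of two)
    level = [h(b"\x00", leaf) for leaf in leaves]
    levels = [level]
    while len(level) > 1:
        level = [h(b"\x01", level[i], level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def inclusion_proof(levels, index):
    # Sibling hashes on the path from leaf `index` up to the root
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return path

def root_from_proof(leaf, index, path):
    # Recompute the root that this leaf and sibling path commit to
    node = h(b"\x00", leaf)
    for sibling in path:
        node = h(b"\x01", sibling, node) if index & 1 else h(b"\x01", node, sibling)
        index //= 2
    return node

def comm_r(comm_c, comm_r_last):
    return h(comm_c, comm_r_last)  # CommR binds CommC and CommRLast together

def pick_challenges(randomness, n_leaves, count):
    # Derive challenged leaf indices from public randomness (hypothetical derivation)
    return [int.from_bytes(h(randomness, bytes([k])), "big") % n_leaves for k in range(count)]

def check_post(comm_r_onchain, comm_c, challenges, responses):
    # Every challenged leaf must open to one root, and that root with CommC must give CommR
    roots = {root_from_proof(leaf, i, path) for i, (leaf, path) in zip(challenges, responses)}
    return len(responses) == len(challenges) and len(roots) == 1 and comm_r(comm_c, roots.pop()) == comm_r_onchain

# Constructed sample data: an 8-leaf "replica" and a made-up CommC
REPLICA = [h(b"sealed", bytes([i])) for i in range(8)]
COMM_C = h(b"constructed CommC")
LEVELS = merkle_levels(REPLICA)
COMM_R_LAST = LEVELS[-1][0]           # kept private by the miner
COMM_R = comm_r(COMM_C, COMM_R_LAST)  # the value recorded on chain

def honest_responses(challenges):
    return [(REPLICA[i], inclusion_proof(LEVELS, i)) for i in challenges]
```

A miner who no longer holds the challenged leaves cannot produce openings that hash up to the root committed inside CommR, which is why a substituted leaf or a different replica fails the check.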